Local file implementation of secret driver API

This implementation stores the secrets in an unencrypted text file,
for simplicity in implementation and debugging.

(Symmetric encryption, e.g. using gpgme, will not be difficult to add.
Because the TLS private key used by libvirtd is stored unencrypted,
encrypting the secrets file does not currently provide much additional
security.)

* include/libvirt/virterror.h, src/virterror.c (VIR_ERR_NO_SECRET): New
  error number.
* po/POTFILES.in, src/Makefile.am: Add secret_driver.
* bootstrap: Use gnulib's base64 module.
* src/secret_driver.c, src.secret_driver.h, src/libvirt_private.syms:
  Add local secret driver.
* qemud/qemud.c (qemudInitialize): Use the local secret driver.

bootstrap

@@ -65,6 +65,7 @@ gnulib_tool=$GNULIB_SRCDIR/gnulib-tool
 <$gnulib_tool || exit
 
 modules='
+base64
 c-ctype
 close
 connect

include/libvirt/virterror.h

@@ -169,6 +169,7 @@ typedef enum {
     VIR_ERR_MULTIPLE_INTERFACES, /* more than one matching interface found */
     VIR_WAR_NO_SECRET, /* failed to start secret storage */
     VIR_ERR_INVALID_SECRET, /* invalid secret */
+    VIR_ERR_NO_SECRET, /* secret not found */
 } virErrorNumber;
 
 /**

po/POTFILES.in

@@ -31,6 +31,7 @@ src/qemu_conf.c
 src/qemu_driver.c
 src/remote_internal.c
 src/secret_conf.c
+src/secret_driver.c
 src/security.c
 src/security_selinux.c
 src/storage_backend.c

qemud/qemud.c

@@ -92,6 +92,7 @@
 #ifdef WITH_NODE_DEVICES
 #include "node_device.h"
 #endif
+#include "secret_driver.h"
 #endif
 
 
@@ -814,6 +815,7 @@ static struct qemud_server *qemudInitialize(int sigread) {
     virDriverLoadModule("network");
     virDriverLoadModule("storage");
     virDriverLoadModule("nodedev");
+    virDriverLoadModule("secret");
     virDriverLoadModule("qemu");
     virDriverLoadModule("lxc");
     virDriverLoadModule("uml");
@@ -832,6 +834,7 @@ static struct qemud_server *qemudInitialize(int sigread) {
     (defined(HAVE_HAL) || defined(HAVE_DEVKIT))
     nodedevRegister();
 #endif
+    secretRegister();
 #ifdef WITH_QEMU
     qemuRegister();
 #endif

src/Makefile.am

@@ -182,6 +182,9 @@ NETWORK_DRIVER_SOURCES =					\
 INTERFACE_DRIVER_SOURCES =					\
 		interface_driver.h interface_driver.c
 
+SECRET_DRIVER_SOURCES =						\
+		secret_driver.h secret_driver.c
+
 # Storage backend specific impls
 STORAGE_DRIVER_SOURCES =					\
 		storage_driver.h storage_driver.c		\
@@ -458,6 +461,17 @@ endif
 libvirt_driver_interface_la_SOURCES = $(INTERFACE_DRIVER_SOURCES)
 endif
 
+if WITH_DRIVER_MODULES
+mod_LTLIBRARIES += libvirt_driver_secret.la
+else
+noinst_LTLIBRARIES += libvirt_driver_secret.la
+libvirt_la_LIBADD += libvirt_driver_secret.la
+endif
+if WITH_DRIVER_MODULES
+libvirt_driver_secret_la_LDFLAGS = -module -avoid-version
+endif
+libvirt_driver_secret_la_SOURCES = $(SECRET_DRIVER_SOURCES)
+
 # Needed to keep automake quiet about conditionals
 libvirt_driver_storage_la_SOURCES =
 libvirt_driver_storage_la_CFLAGS =

src/libvirt_private.syms

@@ -319,6 +319,9 @@ virSecretDefParseString;
 virSecretDefParseFile;
 virSecretDefFormat;
 
+# secret_driver.h
+secretRegister;
+
 # security.h
 virSecurityDriverVerify;
 virSecurityDriverStartup;

src/secret_driver.h

@@ -0,0 +1,28 @@
+/*
+ * secret_driver.h: local driver for secret manipulation API
+ *
+ * Copyright (C) 2009 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+ *
+ * Red Hat Author: Miloslav Trmač <mitr@redhat.com>
+ */
+
+#ifndef __VIR_SECRET_DRIVER_H__
+#define __VIR_SECRET_DRIVER_H__
+
+int secretRegister(void);
+
+#endif /* __VIR_SECRET_DRIVER_H__ */

src/virterror.c

@@ -1082,6 +1082,11 @@ virErrorMsg(virErrorNumber error, const char *info)
                 errmsg = _("Invalid secret");
             else
                 errmsg = _("Invalid secret: %s");
+        case VIR_ERR_NO_SECRET:
+            if (info == NULL)
+                errmsg = _("Secret not found");
+            else
+                errmsg = _("Secret not found: %s");
             break;
     }
     return (errmsg);